<?php
namespace app\code\controller;
use think\Controller;
use think\Db;
use think\Loader;
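class Openid extends Controller
{
    /**
     * Hands a mobile WeChat visitor over to the WeChat OAuth authorize page
     * that starts the payment.
     *
     * Flow: read the request parameters, reject anything missing or malformed,
     * throttle the calling IP, verify that the request matches the `siyou`
     * record it claims to pay for (key, amount, owner), record the order and
     * finally send the browser to the authorize URL whose `state` carries the
     * freshly generated order id.
     *
     * Every rejection terminates the request with die(); the messages are
     * observable behaviour and are kept exactly as before. Format checks now
     * run before any lookup keyed on the values, and records returned by
     * find() are tested for existence before their fields are read.
     */
    public function get_code()
    {
        if (!wx_mobile()) {
            // redirect() in this framework ends the request by throwing a response
            // exception; the return makes the intent explicit should that change.
            $this->redirect("https://xw.qq.com/");
            return;
        }

        $ip = getIP();
        check_ts($ip);

        // All of these are request-controlled. htmlspecialchars() only makes them
        // safe to echo into HTML; the numeric/format checks below are the real gate.
        $ubodingdan = trim(htmlspecialchars(input("get.ddh"), ENT_QUOTES));        // order number sent by the client
        $ubomoney   = trim(htmlspecialchars(input("money/f"), ENT_QUOTES));        // amount sent by the client
        $userid     = trim(htmlspecialchars(input("get.userid"), ENT_QUOTES));     // user id sent by the client
        $ddh3       = trim(htmlspecialchars(input("ddh3"), ENT_QUOTES));
        $zyid       = trim(htmlspecialchars(input("zyid/d"), ENT_QUOTES));
        $code       = trim(htmlspecialchars(input("get.code"), ENT_QUOTES));
        $uopenid    = trim(htmlspecialchars(input("get.uopenid", ''), ENT_QUOTES));

        if (empty($ubodingdan) || empty($ubomoney) || empty($userid) || empty($ddh3) || empty($zyid) || empty($code) || empty($uopenid)) {
            die('兄弟你干啥呢？');
        }

        Loader::import('weixinpay.WxPayPubHelper');

        // Rate-limit first so that malformed requests are throttled as well.
        $this->throttleIp($ip);

        // Reject malformed ids and amounts before they reach any query.
        if (!is_numeric($userid) || !is_numeric($zyid) || $zyid == 0 || $userid == 0) {
            die('兄弟你干啥呢？');
        }
        if (!preg_match("/^\d+(\.\d+)?$/", $ubomoney)) {
            die('兄弟你干啥呢？');
        }

        // The request must match the stored offer: same key, same amount, same owner.
        // A missing record is rejected with the same message the amount mismatch used
        // to produce when the null row was read.
        $info = Db::name('siyou')->where(['id' => $zyid, 'zykey' => $code])->find();
        if (empty($info) || $info['money'] != $ubomoney) {
            die('兄弟你干啥呢11？');
        }
        if ($info['userid'] != $userid) {
            die('兄弟你干啥呢2？');
        }

        // Server-side order id: client order number + 4 random chars + user id + timestamp.
        $ubodingdannew = $ubodingdan . random(4) . $userid . date("dHis");

        $order = Db::name("order")->where(['orderid' => $ubodingdannew])->find();
        if (empty($order)) {
            Db::name("order")->insert([
                'orderid' => $ubodingdannew,
                'ip'      => $ip,
                'userid'  => $userid,
                'zyid'    => $zyid,
                'shijian' => time(),
                'money'   => $ubomoney,
                'uopenid' => $uopenid,
                'code'    => $code . '|' . $ubodingdan,
                'ddh3'    => $ddh3,
            ]);
        }

        // Payment channel of the member; channel 1 is the fallback when none is set.
        $member = Db::name("member")->where(['id' => $userid])->find();
        $zftd   = (int) ($member['zftd'] ?? 0);
        if ($zftd === 0) {
            $zftd = 1;
        }

        $zhifu = Db::name("zhifu")->where(['id' => $zftd])->find();
        // NOTE(review): unserialize() on a DB-stored channel config. Anyone able to
        // write the zhifu table controls the payload; a JSON column would be safer.
        $content = isset($zhifu['content']) ? unserialize($zhifu['content']) : false;
        if (!is_array($content) || empty($content['wxappid']) || empty($content['gzhename'])) {
            // Without an appid / host the authorize URL cannot be built at all.
            die('支付通道配置缺失');
        }

        $scheme = is_HTTPS() ? "https://" : "http://";
        $ename  = $scheme . $content['gzhename'];

        // Only the new order id travels in `state`; the callback resolves the rest
        // from the order row written above.
        $tzurl = $this->buildAuthorizeUrl($content['wxappid'], $ename . "/mypay/wei/newwxzhifu.html", $ubodingdannew);
        alert_url($tzurl);
    }

    /**
     * Per-IP throttle backed by the `pip` table.
     *
     * A caller whose stored `time` is still in the future is rejected with die();
     * otherwise its window is pushed forward by config('paytime') seconds (the
     * row is created on first sight).
     *
     * @param string $ip client address as returned by getIP()
     */
    private function throttleIp(string $ip): void
    {
        $now  = time();
        $pip  = Db::name("pip")->where(['ip' => $ip])->find();
        $miao = config('paytime');

        // Guard the row before reading it: find() yields null for an unknown IP.
        if ($pip && $pip['time'] > $now) {
            die('sql注入');
        }

        if ($pip) {
            Db::name("pip")->where(['ip' => $ip])->update(['time' => $now + $miao]);
        } else {
            Db::name('pip')->insert(['ip' => $ip, 'time' => $now + $miao]);
        }
    }

    /**
     * Builds the WeChat OAuth2 authorize URL (snsapi_base scope, silent auth).
     *
     * @param string $appid       public-account appid from the channel config
     * @param string $redirectUri callback that completes the payment; URL-encoded here
     * @param string $state       value WeChat echoes back to the callback (the order id);
     *                            passed through unencoded as before, so it is expected to
     *                            be plain alphanumeric text
     */
    private function buildAuthorizeUrl(string $appid, string $redirectUri, string $state): string
    {
        return 'https://open.weixin.qq.com/connect/oauth2/authorize?appid=' . $appid
            . '&redirect_uri=' . urlencode($redirectUri)
            . '&response_type=code&scope=snsapi_base&state=' . $state
            . '&connect_redirect=1#wechat_redirect';
    }
}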